From mboxrd@z Thu Jan 1 00:00:00 1970 From: Emil Velikov Subject: Re: [PATCH 2/3] nouveau: sanitise NOUVEAU_LIBDRM_*_LIMIT_PERCENT input Date: Thu, 13 Mar 2014 01:11:25 +0000 Message-ID: <532105BD.7040704@gmail.com> References: <1394657145-2638-1-git-send-email-emil.l.velikov@gmail.com> <1394657145-2638-2-git-send-email-emil.l.velikov@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; Format="flowed" Content-Transfer-Encoding: 7bit Return-path: Received: from mail-wg0-f45.google.com (mail-wg0-f45.google.com [74.125.82.45]) by gabe.freedesktop.org (Postfix) with ESMTP id 69CC0FAC57 for ; Wed, 12 Mar 2014 18:09:42 -0700 (PDT) Received: by mail-wg0-f45.google.com with SMTP id l18so246123wgh.4 for ; Wed, 12 Mar 2014 18:09:41 -0700 (PDT) In-Reply-To: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: dri-devel-bounces@lists.freedesktop.org Errors-To: dri-devel-bounces@lists.freedesktop.org To: Ilia Mirkin Cc: emil.l.velikov@gmail.com, "dri-devel@lists.freedesktop.org" List-Id: dri-devel@lists.freedesktop.org On 13/03/14 00:49, Ilia Mirkin wrote: > On Wed, Mar 12, 2014 at 4:45 PM, Emil Velikov wrote: >> Current handling relies on atoi which does not detect errors >> additionally, any integer value will be considered as a valid >> percent. >> >> Resolve that by using strtol and limiting the value within >> the 5-100 (percent) range. >> >> Signed-off-by: Emil Velikov >> --- >> nouveau/nouveau.c | 24 +++++++++++++++--------- >> 1 file changed, 15 insertions(+), 9 deletions(-) >> >> diff --git a/nouveau/nouveau.c b/nouveau/nouveau.c >> index d6013db..06cd804 100644 >> --- a/nouveau/nouveau.c >> +++ b/nouveau/nouveau.c >> @@ -76,7 +76,7 @@ nouveau_device_wrap(int fd, int close, struct nouveau_device **pdev) >> struct nouveau_device *dev = &nvdev->base; >> uint64_t chipset, vram, gart, bousage; >> drmVersionPtr ver; >> - int ret; >> + int ret, limit; >> char *tmp; >> >> #ifdef DEBUG >> @@ -121,16 +121,22 @@ nouveau_device_wrap(int fd, int close, struct nouveau_device **pdev) >> >> nvdev->close = close; >> >> + nvdev->vram_limit_percent = 80; >> tmp = getenv("NOUVEAU_LIBDRM_VRAM_LIMIT_PERCENT"); >> - if (tmp) >> - nvdev->vram_limit_percent = atoi(tmp); >> - else >> - nvdev->vram_limit_percent = 80; >> + if (tmp) { >> + limit = strtol(tmp, NULL, 10); >> + if (limit >= 5 && limit <= 100) >> + nvdev->vram_limit_percent = limit; >> + } > > Wouldn't it be easier to just clamp the value no matter what? i.e. > leave the current code alone, and add a clamp helper function + use > it? These are pretty rare env vars to set... presumably the person > setting them knows what they're doing. And if not, they get what they > deserve. > > On a related topic, I'd personally rather not throw in arbitrary > restrictions to code like this -- it makes debugging harder later on. > (e.g. what's wrong with 0 percent? let's say i want to disable > gart/vram entirely?) > Valid arguments, thanks. -Emil >> + >> + nvdev->gart_limit_percent = 80; >> tmp = getenv("NOUVEAU_LIBDRM_GART_LIMIT_PERCENT"); >> - if (tmp) >> - nvdev->gart_limit_percent = atoi(tmp); >> - else >> - nvdev->gart_limit_percent = 80; >> + if (tmp) { >> + limit = strtol(tmp, NULL, 10); >> + if (limit >= 5 && limit <= 100) >> + nvdev->gart_limit_percent = limit; >> + } >> + >> DRMINITLISTHEAD(&nvdev->bo_list); >> nvdev->base.object.oclass = NOUVEAU_DEVICE_CLASS; >> nvdev->base.lib_version = 0x01000000; >> -- >> 1.9.0 >> >> _______________________________________________ >> dri-devel mailing list >> dri-devel@lists.freedesktop.org >> http://lists.freedesktop.org/mailman/listinfo/dri-devel